VIRY.CZ

vim a omlouvam se...prazdniny byly narocne

zde log

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23.08.2018
Ran by Kamilka (08-09-2018 19:23:05)
Running from C:\Users\Kamilka\Desktop
Microsoft Windows 10 Home Version 1803 17134.228 (X86) (2018-05-20 18:03:54)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3219418776-4157282183-555089908-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3219418776-4157282183-555089908-503 - Limited - Disabled)
Guest (S-1-5-21-3219418776-4157282183-555089908-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3219418776-4157282183-555089908-1002 - Limited - Enabled)
Kamilka (S-1-5-21-3219418776-4157282183-555089908-1000 - Administrator - Enabled) => C:\Users\Kamilka
Mcx1-KAMILKA-PC (S-1-5-21-3219418776-4157282183-555089908-1003 - Limited - Enabled) => C:\Users\Mcx1-KAMILKA-PC
WDAGUtilityAccount (S-1-5-21-3219418776-4157282183-555089908-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM\...\uTorrent) (Version: 2.2.1.25534 - emc, uTorrent.CZ)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 18.011.20058 - Adobe Systems Incorporated)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 17 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Shockwave Player 11.6 (HKLM\...\Adobe Shockwave Player) (Version: 11.6.3.633 - Adobe Systems, Inc.)
Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.)
Apple Software Update (HKLM\...\{56EC47AA-5813-4FF6-8E75-544026FBEA83}) (Version: 2.2.0.150 - Apple Inc.)
Atheros Client Installation Program (HKLM\...\{D1434266-0486-4469-B338-A60082CC04E1}) (Version: 1.0.2.1119 - Atheros)
BatteryLifeExtender (HKLM\...\{74A579FB-EB06-497D-B194-01590D6FE51A}) (Version: 1.0.5 - Samsung)
Bing Desktop (HKLM\...\{7D095455-D971-4D4C-9EFD-9AF6A6584F3A}) (Version: 1.4.167.0 - Microsoft Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.25 - Piriform)
CyberLink DVD Suite (HKLM\...\InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}) (Version: 6.0.2806 - CyberLink Corp.)
CyberLink LabelPrint (HKLM\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1916 - CyberLink Corp.)
CyberLink Power2Go (HKLM\...\InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 6.0.3108a - CyberLink Corp.)
CyberLink PowerDirector (HKLM\...\InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}) (Version: 7.0.3213 - CyberLink Corp.)
CyberLink PowerDVD 8 (HKLM\...\InstallShield_{2BF2E31F-B8BB-40A7-B650-98D28E0F7D47}) (Version: 8.0.2815b - CyberLink Corp.)
CyberLink PowerProducer (HKLM\...\InstallShield_{B7A0CE06-068E-11D6-97FD-0050BACBF861}) (Version: 5.0.1.1812 - CyberLink Corp.)
CyberLink YouCam (HKLM\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 2.0.3625 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.4.0.0193 - Disc Soft Ltd)
Defraggler (HKLM\...\Defraggler) (Version: 2.19 - Piriform)
Easy Display Manager (HKLM\...\{17283B95-21A8-4996-97DA-547A48DB266F}) (Version: 3.0 - Samsung Electronics Co., Ltd.)
Easy Network Manager (HKLM\...\{34B76DCB-BF7C-440F-B058-C84172C1E338}) (Version: 4.2.8 - Samsung)
Easy SpeedUp Manager (HKLM\...\{EF367AA4-070B-493C-9575-85BE59D789C9}) (Version: 3.0.0.5 - Samsung Electronics Co.,Ltd.)
EasyBatteryManager (HKLM\...\{178EE5F4-0F86-4BF0-A0D1-9790AFF409D1}) (Version: 4.0.0.3 - Samsung)
ESET Security (HKLM\...\{DAAEA31F-A55C-45C9-9ADE-AB0A59849F59}) (Version: 11.1.42.0 - ESET, spol. s r.o.)
Facebook Video Calling 3.1.0.521 (HKLM\...\{2091F234-EB58-4B80-8C96-8EB78C808CF7}) (Version: 3.1.521 - Skype Limited)
Google Chrome (HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Google Chrome) (Version: 69.0.3497.81 - Google Inc.)
HD Tune 2.55 (HKLM\...\HD Tune_is1) (Version: - EFD Software)
Indeo® Software (HKLM\...\Indeo® Software) (Version: - )
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.2302 - Intel Corporation)
Intel® Matrix Storage Manager (HKLM\...\{9068B2BE-D93A-4C0A-861C-5E35E2C0E09E}) (Version: - Intel Corporation)
Java 8 Update 151 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180151F0}) (Version: 8.0.1510.12 - Oracle Corporation)
JavaFX 2.1.0 (HKLM\...\{1111706F-666A-4037-7777-210328764D10}) (Version: 2.1.0 - Oracle Corporation)
Junk Mail filter update (HKLM\...\{E2DFE069-083E-4631-9B6C-43C48E991DE5}) (Version: 14.0.8089.726 - Microsoft Corporation) Hidden
K-Lite Mega Codec Pack 12.7.5 (HKLM\...\KLiteCodecPack_is1) (Version: 12.7.5 - KLCP)
Korean Fonts Support For Adobe Reader 9 (HKLM\...\{AC76BA86-7AD7-5670-0000-900000000003}) (Version: 9.0.0 - Adobe Systems Incorporated)
LEGO® Batman™ (HKLM\...\{0FFC48C5-C74B-498E-B908-74CB44D30E32}) (Version: 1.00.0000 - Warner Bros. Interactive Entertainment) Hidden
Marvell Miniport Driver (HKLM\...\Marvell Miniport Driver) (Version: 11.22.3.3 - Marvell)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.10325.20118 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\OneDriveSetup.exe) (Version: 18.131.0701.0007 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft WSE 3.0 Runtime (HKLM\...\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}) (Version: 3.0.5305.0 - Microsoft Corp.)
MSVC80_x86_v2 (HKLM\...\{6D3245B1-8DB8-4A23-9CD2-2C90F40ABAF6}) (Version: 1.0.3.0 - Nokia) Hidden
MSVC90_x86 (HKLM\...\{AF111648-99A1-453E-81DD-80DBBF6DAD0D}) (Version: 1.0.1.2 - Nokia) Hidden
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MySQL Connector/ODBC 3.51 (HKLM\...\{0CB3C535-1171-4A20-B549-E2CB5DEB9723}) (Version: 3.51.12 - MySQL AB)
Nokia Connectivity Cable Driver (HKLM\...\{6FE12C01-2FBC-42E2-AEB9-4CA2238C462F}) (Version: 7.1.101.0 - Nokia)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-0000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.10325.20118 - Microsoft Corporation) Hidden
Origin (HKLM\...\Origin) (Version: 9.13.0.62213 - Electronic Arts, Inc.)
PC Connectivity Solution (HKLM\...\{6B722793-E77B-41F5-BAB3-6C9832274E75}) (Version: 12.0.76.0 - Nokia)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6003 - Realtek Semiconductor Corp.)
Samsung Kies3 (HKLM\...\{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.) Hidden
Samsung Kies3 (HKLM\...\InstallShield_{88547073-C566-4895-9005-EBE98EA3F7C7}) (Version: 3.2.14013.45 - Samsung Electronics Co., Ltd.)
Samsung Recovery Solution 4 (HKLM\...\{145DE957-0679-4A2A-BB5C-1D3E9808FAB2}) (Version: 4.0.0.6 - Samsung)
Samsung Support Center (HKLM\...\{F687E657-F636-44DF-8125-9FEEA2C362F5}) (Version: 1.0.2 - Samsung)
Samsung Update Plus (HKLM\...\{D3F2FAA5-FEC4-42AA-9ABA-1F763919A2B5}) (Version: 2.0 - Samsung Electronics Co., Ltd.)
SamsungMovie (HKLM\...\{EFA6EF6A-9E0D-4CF0-91DD-B55D8632F65A}) (Version: 1.0.0 - Samsung)
Skype™ 7.40 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.40.104 - Skype Technologies S.A.)
SoftPerfect WiFi Guard version 1.0.3 (HKLM\...\{38AFD787-4D2E-4442-92D2-7739F5F92CF4}_is1) (Version: 1.0.3 - SoftPerfect Research)
SPORE™ (HKLM\...\{9DF0196F-B6B8-4C3A-8790-DE42AA530101}) (Version: 1.00.0000 - Electronic Arts)
Stepok RAW Importer v2.8 (HKLM\...\Stepok RAW Importer_is1) (Version: - Stepok Image Lab.)
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.10.0 - Synaptics Incorporated)
The Sims™ 3 (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}) (Version: 1.69.43.024017 - Electronic Arts Inc.)
The Sims™ 3 Showtime (HKLM\...\{C05D8CDB-417D-4335-A38C-A0659EDFD6B8}_The Sims 3 Showtime) (Version: 1.0.0.0 - Electronic Arts Inc.)
Theme Hospital (HKLM\...\Theme Hospital_is1) (Version: - GOG.com)
Ubisoft Game Launcher (HKLM\...\{888F1505-C2B3-4FDE-835D-36353EBD4754}) (Version: 1.0.0.0 - UBISOFT)
User Guide (HKLM\...\{BAE68339-B0F6-4D33-9554-5A3DB2DFF5DA}) (Version: 1.0 - )
VLC media player 1.1.5 (HKLM\...\VLC media player) (Version: 1.1.5 - VideoLAN)
Windows 10 Update and Privacy Settings (HKLM\...\{542CC2C2-ABAF-4604-8723-DA296AF74540}) (Version: 1.0.14.0 - Microsoft Corporation)
Windows Driver Package - Nokia pccsmcfd “LegacyDriver” (05/31/2012 7.1.2.0) (HKLM\...\17D063A0A9F5D5A225B76B1D9BCB5ADBE85C8382) (Version: 05/31/2012 7.1.2.0 - Nokia)
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8089.0726 - Microsoft Corporation)
Windows Live Sign-in Assistant (HKLM\...\{45338B07-A236-4270-9A77-EBB4115517B5}) (Version: 5.000.818.5 - Microsoft Corporation)
Windows Live Sync (HKLM\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
WinRAR (HKLM\...\WinRAR archiver) (Version: - )
Zeus & Poseidon (HKLM\...\{8043219B-D2C0-4561-90AB-3F1113ED5A87}) (Version: - )
ZTE_1.2059.0.8 (HKLM\...\ZTE_1.2059.0.8) (Version: - )

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\ChromeHTML: -> C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{022105BD-948A-40C9-AB42-A3300DDF097F}\localserver32 -> C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{1FD1FE74-9E3C-4C1C-AEEB-AAB592AD770F}\localserver32 -> C:\Users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{22181302-A8A6-4F84-A541-E5CBFC70CC43}\localserver32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{2F0E2680-9FF5-43C0-B76E-114A56E93598}\localserver32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{51F9E8EF-59D7-475B-A106-C7EA6F30C119}\localserver32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{5E71E4F3-E8C7-4906-9626-973E418762B6}\InprocServer32 -> C:\Users\Kamilka\AppData\Local\Facebook\Update\1.2.205.0\goopdate.dll (Facebook Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{8B9F5BF4-0407-4BB2-9FED-4C0372DABD00}\localserver32 -> C:\Users\Kamilka\AppData\Local\Facebook\Video\Skype\FacebookVideoCallingProxy.exe (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\localserver32 -> C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\69.0.3497.81\notification_helper.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{C3101A8B-0EE1-4612-BFE9-41FFC1A3C19D}\InprocServer32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{C442AC41-9200-4770-8CC0-7CDB4F245C55}\InprocServer32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{CBE9C57E-FFA9-4123-8354-AD360D6DD3CC}\InprocServer32 -> C:\Users\Kamilka\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{E67BE843-BBBE-4484-95FB-05271AE86750}\localserver32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateOnDemand.exe (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\psuser.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-3219418776-4157282183-555089908-1000_Classes\CLSID\{EA724FD3-844D-43A9-A8C9-A5BC35FC20E4}\InprocServer32 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\psuser.dll (Google Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-07-20] (ESET)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] ()
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-07-20] (ESET)
ContextMenuHandlers4: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] ()
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2018-07-20] (ESET)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2010-03-15] ()

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00F40D33-69A1-419B-95A6-2B0D059EB914} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0725DE1C-946B-4995-96AA-08DC622A177F} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {0B47D4E5-825F-47B1-9C94-E6D582FD77DB} - System32\Tasks\{4EC4783C-B875-4D40-A677-E047FEA0FD88} => C:\windows\system32\pcalua.exe -a "C:\Program Files\Photodex\ProShow Gold\remove.exe"
Task: {162A6817-B3DB-4886-803D-0E9E543B7DBD} - System32\Tasks\advSRS4 => C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe [2010-01-19] (SEC)
Task: {2215FE9F-B453-4376-A31F-3E5F7C6D8BC9} - System32\Tasks\SamsungSupportCenter => C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe [2010-05-06] (SAMSUNG Electronics)
Task: {2C154169-7335-45BC-A0B4-A6019D9C9989} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {2CC58E73-6E0C-4BE2-8BAE-F5FC180D6750} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {2CE418B7-1996-4546-9D0C-957272A43B51} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {3463AB54-5314-4148-B89E-9FF1FE55F110} - System32\Tasks\Microsoft\Windows\Media Center\Extender\Update media permissions for Mcx1-KAMILKA-PC => C:\WINDOWS\ehome\McxTask.exe
Task: {3727246A-3948-4304-BCF9-330D904F47B6} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3D9CBA2B-B000-4791-899C-A9F9BB2D64AE} - System32\Tasks\{5920A724-781E-4975-9033-5F83B4385B9D} => C:\Program Files\Skype\\Phone\Skype.exe [2017-10-10] (Skype Technologies S.A.)
Task: {3E2E2B2C-FCD5-470B-89FB-C92EC8915B03} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2016-12-06] (Piriform Ltd)
Task: {4929741B-D7DF-4DA6-AB97-23502BAFCF9C} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {4B1A2398-509B-49A8-AD92-6012EF4527F6} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate_scheduled => C:\WINDOWS\ehome\mcupdate.exe
Task: {4EEEC0C8-B345-47B3-B614-B40A3460CFE1} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {524EF5DF-A30A-4319-BB88-EB94C64FE349} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2016-02-23] (Apple Inc.)
Task: {537FDBD7-C27A-414B-BDFF-E0D7B23CC793} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {544F91D9-F912-49A4-BCEA-EB7A252FBC1E} - System32\Tasks\SUPBackground => C:\Program Files\Samsung\Samsung Update Plus\SUPBackground.exe [2010-04-20] ()
Task: {546D7396-52F6-410F-94AC-B821FF04E744} - System32\Tasks\Microsoft\Office\OfficeOsfInstaller => C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\osfinstaller.exe [2018-08-19] (Microsoft Corporation)
Task: {612ED69C-95E1-44B2-B7A6-25CADB324DE5} - System32\Tasks\{2F59EA89-41AA-4DFB-A4CB-9AEEE771F9FB} => C:\windows\system32\pcalua.exe -a C:\Windows\UbiSoft\SetupUbi.exe -d C:\windows\UbiSoft -c -http hxxp://www.raymanm.com
Task: {62DC15A4-ACD2-4D09-B5D0-9C77C5CA8934} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {670DA724-BA9D-4207-B660-39EF2A81916F} - System32\Tasks\{1F88FA98-3882-43CE-A708-E4946CD0B592} => C:\WINDOWS\system32\pcalua.exe -a G:\Support\DrvSetup.exe -d G:\Support
Task: {6A2E73E7-1F89-4336-B4CB-2F80F57F5926} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-03-21] (Adobe Systems Incorporated)
Task: {6CE791B4-8CCB-4DB5-B61E-2BE6E1C47D82} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core1d1e96abb1f62f0 => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {6F994398-5976-467F-8774-926967D9DDBA} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {757AD349-B58D-4DD1-BF3E-6CDFEF74A436} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA1d25840536a612b => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7771CAAA-7388-4FF3-8193-21BBD3A33940} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7D1E7520-EECF-42A0-9549-AF82921A5C01} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {7E096918-C3B0-4ADB-AB24-A9D0C7235E4C} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {83593BA0-32BB-4FFA-B456-0103CC37F53D} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-09] (Microsoft Corporation)
Task: {9093FE45-F527-451B-B25C-44F469A2AA18} - System32\Tasks\EasySpeedUpManager => C:\Program Files\SAMSUNG\EasySpeedUpManager\EasySpeedUpManager.exe [2009-10-13] (Samsung Electronics Co., Ltd.)
Task: {954F1EFE-6D14-43CD-88C6-E62648E6084F} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {9B853534-91CB-4A4E-A789-24674E67C4BA} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {9D1B39B5-AE0E-4145-9FA0-1637F6732348} - System32\Tasks\{C6EE5EB4-9AAC-4A1C-815E-B0B45CF91250} => C:\Windows\UbiSoft\SetupUbi.exe
Task: {9F175D2B-4DC5-42D4-A361-8DFC5208C9D8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-19] (Microsoft Corporation)
Task: {A074297B-0819-415F-AA1C-1CEA62A78025} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-08-19] (Microsoft Corporation)
Task: {A46ADC45-9CB9-4C70-B754-1F640184A981} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A4DBC9DD-4097-4D11-AB77-F439AD64B783} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {AE31BEAB-2053-4F7B-9D12-5CFFFA853D86} - System32\Tasks\BatteryLifeExtender => C:\Program Files\Samsung\BatteryLifeExtender\BatteryLifeExtender.exe [2010-06-01] (Samsung Electronics. Co. Ltd.)
Task: {B01854B7-E936-4810-98AF-D48AB1585A9F} - System32\Tasks\{9739F5E6-17A8-48B9-82EE-58B13E994148} => C:\windows\system32\pcalua.exe -a "C:\Program Files\Ubi Soft\RaymanM\RM_Setup_DX8.exe" -d "C:\Program Files\Ubi Soft\RaymanM"
Task: {B44D0C7C-6ED5-4688-8BC7-F52D8593F3CE} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-08-19] (Microsoft Corporation)
Task: {B5F7DC56-B69D-468F-8339-1C7E393457D8} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {B609C97F-F9BF-41A8-8E86-6F2884BB2D38} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core1d25840535c1319 => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {B9540BDF-9C40-4E23-A0A2-566EE6E83F7B} - System32\Tasks\Adobe Flash Player Updater => C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-15] (Adobe Systems Incorporated)
Task: {BE4B7488-9B29-423C-82BE-49601CDFED9B} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core => C:\Users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-19] (Facebook Inc.)
Task: {BEBA0598-2736-407A-851F-68F4478CD647} - System32\Tasks\EasyDisplayMgr => C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe [2009-11-04] (Samsung Electronics Co., Ltd.)
Task: {C213EF7B-5958-4F69-B15B-D4F929D4FE7C} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-11] ()
Task: {C449A13A-922A-483B-AADF-EC80E45BB290} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {C74A93D7-E0AA-4AF5-88C4-2EF94D022AFF} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {C81B7F5C-2ACC-4D68-B4C6-1B35B9727B8F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-08-09] (Microsoft Corporation)
Task: {CF425726-4D94-46C5-832F-DEFBF8906E71} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000UA => C:\Users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-10-19] (Facebook Inc.)
Task: {D00F6D12-B958-429F-BAF1-D366AB6A233A} - System32\Tasks\EasyBatteryManager => C:\Program Files\Samsung\EasyBatteryManager\EasyBatteryMgr4.exe [2009-10-16] (SAMSUNG Electronics co., LTD.)
Task: {D99A8ABD-4271-48E1-AE68-CDF8EC090A00} - System32\Tasks\{32259922-2AF5-463E-ADEC-25AA01F38E9E} => C:\Program Files\Skype\\Phone\Skype.exe [2017-10-10] (Skype Technologies S.A.)
Task: {E16AEA79-7B9A-4E4C-BBE7-339FD5334454} - System32\Tasks\klcp_update => C:\Program Files\K-Lite Codec Pack\Tools\CodecTweakTool.exe [2016-12-20] ()
Task: {E362E182-0FBB-40B3-8A07-860101D0D58A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {E57C2ADC-1413-4E60-91C5-E9A2BFC1E097} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F07F3B06-00D7-46F6-8807-F28F3B6692F5} - System32\Tasks\SidebarExecute => C:\Program Files\Windows Sidebar\sidebar.exe
Task: {F1F7369E-6060-4180-BA79-9862F75701A3} - System32\Tasks\S-1-5-21-3219418776-4157282183-555089908-1000\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2018-04-11] (Microsoft Corporation)
Task: {F93AE0A5-28B1-40EF-8E32-AD6F6E57CB71} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe
Task: {FD08A5CB-7B64-43D5-A1D9-88BCF4C5E90F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core.job => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-3219418776-4157282183-555089908-1000Core1d1e96abb1f62f0.job => C:\Users\Kamilka\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2010-06-14 00:49 - 2009-07-07 20:23 - 000247152 ____N () C:\Program Files\CyberLink\Shared files\RichVideo.exe
2010-06-14 00:53 - 2006-08-12 05:48 - 000049152 _____ () C:\Program Files\Samsung\Easy Display Manager\HookDllPS2.dll
2018-04-11 22:29 - 2018-04-11 22:29 - 000364200 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2018-04-11 22:29 - 2018-04-11 22:29 - 000308224 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-11 22:29 - 2018-04-11 22:29 - 001670656 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2010-11-21 12:09 - 2010-03-15 13:28 - 000141824 _____ () C:\Program Files\WinRAR\rarext.dll
2018-08-15 20:45 - 2018-08-03 05:06 - 001609216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-07-18 20:36 - 2018-07-18 20:38 - 000075264 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x86__kzf8qxf38zg5c\SkypeHost.exe
2018-07-18 20:36 - 2018-07-18 20:38 - 000166400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x86__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-07-18 20:36 - 2018-07-18 20:38 - 016200704 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x86__kzf8qxf38zg5c\SkyWrap.dll
2018-07-18 20:36 - 2018-07-18 20:38 - 001812480 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x86__kzf8qxf38zg5c\skypert.dll
2018-08-11 20:56 - 2018-08-11 20:57 - 017156096 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x86__8wekyb3d8bbwe\Video.UI.exe
2018-08-11 20:56 - 2018-08-11 20:57 - 000214528 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x86__8wekyb3d8bbwe\SharedUI.dll
2018-08-11 20:56 - 2018-08-11 20:57 - 004826112 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x86__8wekyb3d8bbwe\EntCommon.dll
2017-09-26 04:34 - 2017-09-26 04:35 - 002890664 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x86__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-08-11 20:56 - 2018-08-11 20:56 - 006757888 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x86__8wekyb3d8bbwe\EntPlat.dll
2018-08-06 21:03 - 2018-08-06 21:04 - 000174080 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x86__8wekyb3d8bbwe\WinStore.Preview.dll
2018-08-06 21:03 - 2018-08-06 21:04 - 001796320 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x86__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-08-06 21:03 - 2018-08-06 21:04 - 004841472 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x86__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2018-09-08 10:08 - 2018-09-08 10:09 - 016027136 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18081.11121.0_x86__8wekyb3d8bbwe\Music.UI.exe
2018-09-08 10:08 - 2018-09-08 10:09 - 000214528 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18081.11121.0_x86__8wekyb3d8bbwe\SharedUI.dll
2018-09-08 10:08 - 2018-09-08 10:09 - 004468224 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18081.11121.0_x86__8wekyb3d8bbwe\EntCommon.dll
2017-12-02 10:45 - 2017-12-02 10:46 - 000708608 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18081.11121.0_x86__8wekyb3d8bbwe\Microsoft.Membership.MeControl.UI.Xaml.dll
2017-09-26 04:34 - 2017-09-26 04:35 - 002890664 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18081.11121.0_x86__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-08-31 03:02 - 2018-08-31 03:03 - 000479744 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-08-31 03:02 - 2018-08-31 03:03 - 058608128 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x86__8wekyb3d8bbwe\Microsoft.Photos.dll
2017-10-04 15:13 - 2017-10-04 15:13 - 002366464 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x86__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-08-29 21:58 - 2018-08-29 22:00 - 000041984 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x86__8wekyb3d8bbwe\RenderingPlugin.dll
2018-08-31 03:02 - 2018-08-31 03:03 - 003209728 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x86__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-04-25 22:05 - 2018-04-25 22:09 - 000008192 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x86__8wekyb3d8bbwe\ImagePipelineNative.dll
2018-08-31 03:02 - 2018-08-31 03:03 - 000028160 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x86__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-29 21:58 - 2018-08-29 22:00 - 001875968 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x86__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-29 21:58 - 2018-08-29 22:00 - 001818112 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x86__8wekyb3d8bbwe\opencv_core320.dll
2018-04-05 19:07 - 2018-04-05 19:08 - 001787904 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x86__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-08-31 03:02 - 2018-08-31 03:03 - 009204736 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x86__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-08-31 03:02 - 2018-08-31 03:03 - 003108352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x86__8wekyb3d8bbwe\MediaEngine.dll
2018-08-31 03:02 - 2018-08-31 03:03 - 001765888 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x86__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-31 03:02 - 2018-08-31 03:03 - 000645120 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x86__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-07-26 19:44 - 2018-07-26 19:45 - 003565056 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x86__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-09-05 19:32 - 2018-09-03 22:49 - 004317528 _____ () C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\69.0.3497.81\libglesv2.dll
2018-09-05 19:32 - 2018-09-03 22:49 - 000096600 _____ () C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\69.0.3497.81\libegl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\123simsen.com -> www.123simsen.com

There are 7729 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-05-03 15:36 - 2018-08-31 12:37 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Control Panel\Desktop\\Wallpaper -> C:\Fotky\20151004_151834.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupreg: CanonQuickMenu => C:\Program Files\Canon\Quick Menu\CNQMMAIN.EXE /logon
MSCONFIG\startupreg: CloneCDTray => "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
MSCONFIG\startupreg: OneDrive => "C:\Users\Kamilka\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
HKLM\...\StartupApproved\Run: => "APSDaemon"
HKLM\...\StartupApproved\Run: => "CLMLServer"
HKLM\...\StartupApproved\Run: => "QuickTime Task"
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\StartupApproved\StartupFolder: => "FacebookGamesNotifier.exe.lnk"
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{918CCA03-BCB7-4A36-B700-17FA96F69E76}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{C9CEFD72-2F45-476F-A366-5B82D307437B}] => (Allow) C:\Program Files\CyberLink\PowerDirector\PDR.EXE
FirewallRules: [{C908CCA4-D05F-4FF5-9825-F6B0AD143D48}] => (Allow) C:\Program Files\CyberLink\PowerDVD8\PowerDVD8.EXE
FirewallRules: [{B36137A6-AD71-4628-B58B-36E382489824}] => (Allow) C:\Program Files\Windows Live\Messenger\wlcsdk.exe
FirewallRules: [{EFF9CA49-4765-4B0E-ACA7-C579D5B2544B}] => (Allow) svchost.exe
FirewallRules: [{BE081235-9574-46D8-8B1F-CBAD7EE5CEDB}] => (Allow) C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe
FirewallRules: [{7F3DC2F2-F83A-49A9-8D84-DE829D2D380A}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe
FirewallRules: [{E712C80A-58CB-42E4-8B4D-429A3765370B}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe
FirewallRules: [{D97F2A30-0683-4A9F-879E-A12431DC9697}] => (Allow) C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{56254BBC-D643-40CC-9FD6-2CE44B3C8C8A}] => (Allow) C:\Users\Kamilka\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [{701FF157-70CB-4CFF-9F05-3F5B62007E93}] => (Allow) C:\Users\Kamilka\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B5B6CAA4-94DA-452F-A17B-8226023A0F0F}] => (Allow) C:\Users\Kamilka\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{568564B1-8F8D-4DC2-A61C-4E6201BA875C}] => (Allow) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
FirewallRules: [{08D2158E-7B00-49EA-AAD9-6522DA7A64EB}] => (Allow) C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe
FirewallRules: [{2C7E9A95-2AD6-4E93-8A9F-BCAF4E903876}] => (Allow) C:\Program Files\Ubisoft\Ubisoft Game Launcher\UbisoftGameLauncher.exe

==================== Restore Points =========================

05-09-2018 20:48:31 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/08/2018 10:04:06 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/06/2018 08:09:22 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/05/2018 08:48:50 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol.

System Error:
Access is denied.
.

Error: (09/05/2018 07:31:43 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/04/2018 06:43:11 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/04/2018 06:40:22 PM) (Source: Google Update) (EventID: 20) (User: Kamilka-PC)
Description: Event-ID 20

Error: (09/03/2018 08:25:27 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (09/02/2018 12:24:37 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0


System errors:
=============
Error: (09/08/2018 07:16:18 PM) (Source: DCOM) (EventID: 10016) (User: Kamilka-PC)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Kamilka-PC\Kamilka (SID: S-1-5-21-3219418776-4157282183-555089908-1000) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/08/2018 07:14:59 PM) (Source: DCOM) (EventID: 10016) (User: Kamilka-PC)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Kamilka-PC\Kamilka (SID: S-1-5-21-3219418776-4157282183-555089908-1000) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/08/2018 10:49:17 AM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (09/08/2018 10:00:51 AM) (Source: DCOM) (EventID: 10016) (User: Kamilka-PC)
Description: Nastavení oprávnění application-specific neuděluje oprávnění Local Activation pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Kamilka-PC\Kamilka (SID: S-1-5-21-3219418776-4157282183-555089908-1000) z adresy LocalHost (Using LRPC) běžící v kontejneru aplikací Unavailable – SID (Unavailable). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (09/06/2018 10:12:26 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (09/05/2018 09:21:33 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (09/04/2018 10:53:38 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4

Error: (09/03/2018 11:36:33 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4


Windows Defender:
===================================
Date: 2018-05-30 22:12:31.235
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Severe
Kategorie: Trojan
Cesta: file:_C:\Users\Kamilka\Downloads\Nepotvrzeno 548615.crdownload
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: Kamilka-PC\Kamilka
Název procesu: C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
Verze podpisu: AV: 1.269.345.0, AS: 1.269.345.0, NIS: 1.269.345.0
Verze modulu: AM: 1.1.14901.4, NIS: 1.1.14901.4

Date: 2018-05-30 22:11:57.945
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:Win32/Tiggre!rfn
ID: 2147723625
Závažnost: Severe
Kategorie: Trojan
Cesta: file:_C:\Users\Kamilka\Downloads\Nepotvrzeno 311854.crdownload
Původ zjišťování: Místní počítač
Typ zjišťování: Konkrétní
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: Kamilka-PC\Kamilka
Název procesu: C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
Verze podpisu: AV: 1.269.345.0, AS: 1.269.345.0, NIS: 1.269.345.0
Verze modulu: AM: 1.1.14901.4, NIS: 1.1.14901.4

==================== Memory info ===========================

Processor: Pentium(R) Dual-Core CPU T4400 @ 2.20GHz
Percentage of memory in use: 53%
Total physical RAM: 3004.61 MB
Available physical RAM: 1382.73 MB
Total Virtual: 6076.61 MB
Available Virtual: 4055.05 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.83 GB) (Free:123.08 GB) NTFS
Drive d: () (Fixed) (Total:222.83 GB) (Free:81.31 GB) NTFS
Drive g: (Poseidon) (CDROM) (Total:0.51 GB) (Free:0 GB) CDFS

\\?\Volume{f1ff546c-77c1-11df-9425-806e6f6e6963}\ (SYSTEM) (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 6261FA1C)
Partition 1: (Not Active) - (Size=20 GB) - (Type=12)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=222.8 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=222.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23.08.2018
Ran by Kamilka (administrator) on KAMILKA-PC (08-09-2018 19:21:01)
Running from C:\Users\Kamilka\Desktop
Loaded Profiles: Kamilka (Available Profiles: Kamilka & Mcx1-KAMILKA-PC & DefaultAppPool)
Platform: Microsoft Windows 10 Home Version 1803 17134.228 (X86) Language: Angličtina (Spojené státy)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Smart Security\ekrn.exe
() C:\Program Files\CyberLink\Shared files\RichVideo.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(SEC) C:\Program Files\Samsung\Samsung Recovery Solution 4\WCScheduler.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\EasySpeedUpManager\EasySpeedUpManager.exe
(Samsung Electronics Co., Ltd.) C:\Program Files\Samsung\Easy Display Manager\dmhkcore.exe
(SAMSUNG Electronics) C:\Program Files\Samsung\Samsung Support Center\SSCKbdHk.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x86__kzf8qxf38zg5c\SkypeHost.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x86__8wekyb3d8bbwe\Video.UI.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x86__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(Facebook Inc.) C:\Users\Kamilka\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Windows\System32\SystemSettingsAdminFlows.exe
() C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18081.11121.0_x86__8wekyb3d8bbwe\Music.UI.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18071.15310.1000_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [486816 2018-04-11] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1713448 2010-02-26] (Synaptics Incorporated)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [8120864 2009-12-15] (Realtek Semiconductor)
HKLM\...\Run: [CLMLServer] => C:\Program Files\CyberLink\Power2Go\CLMLSvc.exe [103720 2009-06-03] (CyberLink)
HKLM\...\Run: [PDVD8LanguageShortcut] => C:\Program Files\CyberLink\PowerDVD8\Language\Language.exe [50472 2009-04-15] (CyberLink Corp.)
HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\ecmds.exe [170128 2018-07-20] (ESET)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [516608 2018-04-11] (Microsoft Corporation)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Run: [Google Update] => C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe [601680 2018-05-19] (Google Inc.)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [3376832 2016-07-29] (Disc Soft Ltd)
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [7175384 2016-12-06] (Piriform Ltd)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{5c0f82ed-9437-467b-9291-8239ae187433}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{a01204e6-3498-4762-be85-5ae5592765bc}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-3219418776-4157282183-555089908-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7SMSN
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-16] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-16] (Oracle Corporation)
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_91-windows-i586.cab
DPF: {CAFEEFAC-0018-0000-0091-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_91-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0_91-windows-i586.cab
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll [2009-07-26] (Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2018-08-19] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2017-07-18] (Skype Technologies)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\windows\system32\Adobe\Director\np32dsw.dll [2011-11-22] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-16] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-16] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-03-04] (Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=14.0.8081.0709 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2009-07-10] (Microsoft Corporation)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-3219418776-4157282183-555089908-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Kamilka\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-3219418776-4157282183-555089908-1000: @tools.google.com/Google Update;version=3 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)
FF Plugin HKU\S-1-5-21-3219418776-4157282183-555089908-1000: @tools.google.com/Google Update;version=9 -> C:\Users\Kamilka\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.google.com"
CHR Profile: C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default [2018-09-08]
CHR Extension: (YouTube) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-10-01]
CHR Extension: (Vyhledávání Google) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (hxxp://www.facebook.com/) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnknkgccldocdogpnhbaddbdhhjiindo [2012-11-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-30]
CHR Extension: (AdBlock) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-07-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-05]
CHR Extension: (Gmail) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-09-08]
CHR HKLM\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
StartMenuInternet: Google Chrome - C:\Users\Kamilka\AppData\Local\Google\Chrome\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [5876704 2018-08-09] (Microsoft Corporation)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1138368 2016-07-29] (Disc Soft Ltd)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1817952 2018-07-20] (ESET)
S3 ekrnEpfw; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [1817952 2018-07-20] (ESET)
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-04] (Macrovision Corporation) [File not signed]
S3 Origin Client Service; C:\Program Files\Origin\OriginClientService.exe [2167056 2018-08-31] (Electronic Arts)
R2 RichVideo; C:\Program Files\CyberLink\Shared files\RichVideo.exe [247152 2009-07-07] ()
S4 ssh-agent; C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [353792 2018-03-19] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [3650472 2018-04-11] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [86584 2018-08-03] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 athr; C:\WINDOWS\System32\drivers\athwn.sys [3228672 2018-04-11] (Qualcomm Atheros Communications, Inc.)
R2 atksgt; C:\WINDOWS\System32\DRIVERS\atksgt.sys [271360 2016-01-31] () [File not signed]
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [109456 2017-05-18] (Samsung Electronics Co., Ltd.)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [26168 2016-08-14] (Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [40504 2016-08-14] (Disc Soft Ltd)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [124376 2018-07-20] (ESET)
R0 edevmon; C:\WINDOWS\System32\DRIVERS\edevmon.sys [92600 2018-07-20] (ESET)
S0 eelam; C:\WINDOWS\System32\DRIVERS\eelam.sys [15352 2018-02-19] (ESET)
R1 ehdrv; C:\WINDOWS\System32\DRIVERS\ehdrv.sys [150792 2018-07-20] (ESET)
R2 ekbdflt; C:\WINDOWS\system32\DRIVERS\ekbdflt.sys [43816 2018-07-20] (ESET)
R1 epfw; C:\WINDOWS\System32\DRIVERS\epfw.sys [73424 2018-07-20] (ESET)
R1 epfwwfp; C:\WINDOWS\system32\DRIVERS\epfwwfp.sys [95224 2018-07-20] (ESET)
R2 lirsgt; C:\WINDOWS\System32\DRIVERS\lirsgt.sys [18048 2016-01-31] () [File not signed]
S3 rtport; C:\windows\system32\drivers\rtport.sys [15656 2010-08-17] (Windows (R) 2003 DDK 3790 provider)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [147344 2017-05-18] (Samsung Electronics Co., Ltd.)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [37448 2018-04-11] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [271776 2018-04-11] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [30208 2018-04-11] (Microsoft Corporation)
S3 WUDFWpdMtp; C:\WINDOWS\system32\DRIVERS\WUDFRd.sys [189952 2018-04-11] (Microsoft Corporation)
R3 yukonw8; C:\WINDOWS\System32\drivers\yk63x86.sys [242688 2018-04-11] (Marvell)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-08 19:21 - 2018-09-08 19:21 - 000014986 _____ C:\Users\Kamilka\Desktop\FRST.txt
2018-08-31 14:17 - 2018-08-31 14:17 - 000000000 ____D C:\Users\Kamilka\Documents\Electronic Arts
2018-08-31 14:11 - 2018-08-31 14:11 - 000001433 _____ C:\Users\Public\Desktop\The Sims 3.lnk
2018-08-31 14:11 - 2018-08-31 14:11 - 000000000 ___HD C:\Program Files\Common Files\EAInstaller
2018-08-31 13:19 - 2018-08-31 13:24 - 000000000 ____D C:\Program Files\Origin Games
2018-08-31 13:12 - 2018-08-31 13:12 - 000000000 ____D C:\Users\Kamilka\.QtWebEngineProcess
2018-08-31 13:12 - 2018-08-31 13:12 - 000000000 ____D C:\Users\Kamilka\.Origin
2018-08-31 12:58 - 2018-08-31 12:58 - 063316376 _____ (Electronic Arts) C:\Users\Kamilka\Desktop\OriginThinSetup.exe
2018-08-31 12:36 - 2018-08-31 12:39 - 000004541 _____ C:\Users\Kamilka\Desktop\Fixlog.txt
2018-08-31 12:30 - 2018-08-31 12:30 - 001773568 _____ (Farbar) C:\Users\Kamilka\Desktop\FRST.exe
2018-08-30 13:38 - 2018-08-30 13:38 - 000427116 _____ C:\Users\Kamilka\Downloads\Doklad_178326688Z.pdf
2018-08-29 21:25 - 2018-08-29 21:26 - 000134133 _____ C:\Users\Kamilka\Downloads\[CzT]Lucifer_3_Serie_TvRip_720p_.torrent
2018-08-19 16:32 - 2018-08-19 16:32 - 000015256 _____ C:\Users\Kamilka\Downloads\[CzT]Avengers_Infinity_War_2018_WebRip_.torrent
2018-08-19 16:32 - 2018-08-19 16:32 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2018-08-19 16:28 - 2018-08-19 16:28 - 000002517 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2018-08-19 16:28 - 2018-08-19 16:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office
2018-08-19 16:24 - 2018-08-19 16:24 - 000014862 _____ C:\Users\Kamilka\Downloads\[CzT]Alenka_v_risi_divu_Alice_in_Wonderland_2010_.torrent
2018-08-19 16:21 - 2018-08-19 16:21 - 000021236 _____ C:\Users\Kamilka\Downloads\[CzT]Letopisy_Narnie_Chronicles_of_Narnia_1_2_3_2005_2010_.torrent
2018-08-19 16:21 - 2018-08-19 16:21 - 000014599 _____ C:\Users\Kamilka\Downloads\[CzT]Kronika_rodu_Spiderwicku_Spiderwick_Chronicles.torrent
2018-08-15 20:47 - 2018-08-03 05:25 - 006568784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2018-08-15 20:46 - 2018-08-03 09:43 - 020383720 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2018-08-15 20:46 - 2018-08-03 09:28 - 002895360 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2018-08-15 20:46 - 2018-08-03 05:31 - 000995792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2018-08-15 20:46 - 2018-08-03 05:26 - 006043600 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2018-08-15 20:46 - 2018-08-03 05:25 - 006688040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2018-08-15 20:46 - 2018-08-03 05:25 - 002255008 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2018-08-15 20:46 - 2018-08-03 05:25 - 001619704 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2018-08-15 20:46 - 2018-08-03 05:18 - 022007808 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2018-08-15 20:46 - 2018-08-03 05:13 - 019404288 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2018-08-15 20:46 - 2018-08-03 05:13 - 006661632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2018-08-15 20:46 - 2018-08-03 05:13 - 003251712 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2018-08-15 20:46 - 2018-08-03 05:11 - 003712000 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2018-08-15 20:46 - 2018-08-03 05:11 - 002700288 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2018-08-15 20:46 - 2018-08-03 05:09 - 005776896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2018-08-15 20:46 - 2018-08-03 05:09 - 002807296 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2018-08-15 20:46 - 2018-08-03 05:08 - 002258944 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2018-08-15 20:46 - 2018-08-03 05:06 - 004191232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2018-08-15 20:46 - 2018-07-15 01:18 - 005657600 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2018-08-15 20:46 - 2018-07-15 01:17 - 011901440 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2018-08-15 20:46 - 2018-07-15 01:17 - 003458048 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2018-08-15 20:46 - 2018-07-14 06:17 - 006527056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2018-08-15 20:46 - 2018-07-14 06:17 - 002031008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2018-08-15 20:46 - 2018-07-14 06:16 - 002331576 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2018-08-15 20:46 - 2018-07-14 06:16 - 001143096 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2018-08-15 20:46 - 2018-07-14 05:59 - 005883392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mos.dll
2018-08-15 20:46 - 2018-07-14 05:57 - 004331008 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2018-08-15 20:46 - 2018-07-14 05:56 - 002900992 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2018-08-15 20:46 - 2018-07-14 05:55 - 002413056 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2018-08-15 20:46 - 2018-07-14 05:55 - 001627136 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2018-08-15 20:46 - 2018-07-13 05:18 - 002143648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2018-08-15 20:45 - 2018-08-03 09:45 - 000663128 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2018-08-15 20:45 - 2018-08-03 09:29 - 000887808 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2018-08-15 20:45 - 2018-08-03 09:29 - 000621568 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2018-08-15 20:45 - 2018-08-03 09:27 - 004050432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2018-08-15 20:45 - 2018-08-03 09:27 - 001469952 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2018-08-15 20:45 - 2018-08-03 09:27 - 001082880 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2018-08-15 20:45 - 2018-08-03 05:28 - 001192016 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2018-08-15 20:45 - 2018-08-03 05:27 - 000445224 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2018-08-15 20:45 - 2018-08-03 05:27 - 000061032 _____ (Microsoft Corporation) C:\WINDOWS\system32\wldp.dll
2018-08-15 20:45 - 2018-08-03 05:26 - 002358680 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2018-08-15 20:45 - 2018-08-03 05:26 - 000539792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2018-08-15 20:45 - 2018-08-03 05:26 - 000142240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2018-08-15 20:45 - 2018-08-03 05:25 - 001052008 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2018-08-15 20:45 - 2018-08-03 05:25 - 000988456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2018-08-15 20:45 - 2018-08-03 05:25 - 000833048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2018-08-15 20:45 - 2018-08-03 05:25 - 000681152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2018-08-15 20:45 - 2018-08-03 05:25 - 000539168 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2018-08-15 20:45 - 2018-08-03 05:25 - 000105256 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2018-08-15 20:45 - 2018-08-03 05:08 - 002013696 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeangle.dll
2018-08-15 20:45 - 2018-08-03 05:08 - 000608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2018-08-15 20:45 - 2018-08-03 05:08 - 000561152 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2018-08-15 20:45 - 2018-08-03 05:08 - 000416256 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2018-08-15 20:45 - 2018-08-03 05:06 - 001755136 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2018-08-15 20:45 - 2018-08-03 05:06 - 001751552 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2018-08-15 20:45 - 2018-08-03 05:06 - 001414144 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2018-08-15 20:45 - 2018-08-03 05:06 - 001272832 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2018-08-15 20:45 - 2018-08-03 05:06 - 001173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2018-08-15 20:45 - 2018-08-03 05:06 - 001000448 _____ (Microsoft Corporation) C:\WINDOWS\system32\TokenBroker.dll
2018-08-15 20:45 - 2018-08-03 05:06 - 000856064 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2018-08-15 20:45 - 2018-08-03 05:06 - 000678400 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.Web.Core.dll
2018-08-15 20:45 - 2018-08-03 05:05 - 000669696 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2018-08-15 20:45 - 2018-08-03 05:05 - 000534016 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2018-08-15 20:45 - 2018-07-15 01:28 - 001327424 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2018-08-15 20:45 - 2018-07-15 01:27 - 000970576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Shell.Broker.dll
2018-08-15 20:45 - 2018-07-15 01:17 - 003254272 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2018-08-15 20:45 - 2018-07-15 01:15 - 007987712 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2018-08-15 20:45 - 2018-07-15 01:13 - 001459200 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2018-08-15 20:45 - 2018-07-15 01:13 - 001452544 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2018-08-15 20:45 - 2018-07-15 01:13 - 001308160 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2018-08-15 20:45 - 2018-07-15 01:12 - 001099264 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2018-08-15 20:45 - 2018-07-15 01:12 - 000997888 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2018-08-15 20:45 - 2018-07-14 06:35 - 000187288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2018-08-15 20:45 - 2018-07-14 06:22 - 000625008 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityHealthService.exe
2018-08-15 20:45 - 2018-07-14 06:20 - 000184472 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2018-08-15 20:45 - 2018-07-14 06:19 - 002535032 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2018-08-15 20:45 - 2018-07-14 06:19 - 000621000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2018-08-15 20:45 - 2018-07-14 06:18 - 000443216 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2018-08-15 20:45 - 2018-07-14 06:17 - 000743320 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2018-08-15 20:45 - 2018-07-14 06:16 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2018-08-15 20:45 - 2018-07-14 06:15 - 001559368 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2018-08-15 20:45 - 2018-07-14 06:15 - 001174552 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2018-08-15 20:45 - 2018-07-14 06:15 - 000829856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2018-08-15 20:45 - 2018-07-14 06:01 - 006647296 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingMaps.dll
2018-08-15 20:45 - 2018-07-14 05:59 - 003553280 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2018-08-15 20:45 - 2018-07-14 05:58 - 001657856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2018-08-15 20:45 - 2018-07-14 05:57 - 000683520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusUpdateHandlers.dll
2018-08-15 20:45 - 2018-07-14 05:57 - 000470016 _____ (Microsoft Corporation) C:\WINDOWS\system32\WFDSConMgrSvc.dll
2018-08-15 20:45 - 2018-07-14 05:57 - 000391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2018-08-15 20:45 - 2018-07-14 05:57 - 000365056 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2018-08-15 20:45 - 2018-07-14 05:56 - 002449408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapRouter.dll
2018-08-15 20:45 - 2018-07-14 05:56 - 001986560 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapGeocoder.dll
2018-08-15 20:45 - 2018-07-14 05:56 - 001558016 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpserverbase.dll
2018-08-15 20:45 - 2018-07-14 05:56 - 001132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2018-08-15 20:45 - 2018-07-14 05:56 - 000978944 _____ (Microsoft Corporation) C:\WINDOWS\system32\JpMapControl.dll
2018-08-15 20:45 - 2018-07-14 05:56 - 000876032 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpasvc.dll
2018-08-15 20:45 - 2018-07-14 05:56 - 000365568 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpencom.dll
2018-08-15 20:45 - 2018-07-14 05:56 - 000313856 _____ (Microsoft Corporation) C:\WINDOWS\system32\profsvc.dll
2018-08-15 20:45 - 2018-07-14 05:55 - 000993792 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Vpn.dll
2018-08-15 20:45 - 2018-07-14 05:55 - 000441344 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2018-08-15 20:45 - 2018-07-14 05:54 - 002356224 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2018-08-15 20:45 - 2018-07-14 05:54 - 001537024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActiveSyncProvider.dll
2018-08-15 20:45 - 2018-07-14 05:54 - 001051136 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2018-08-15 20:45 - 2018-07-14 05:54 - 000879104 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2018-08-15 20:45 - 2018-07-14 05:54 - 000729088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NMAA.dll
2018-08-15 20:45 - 2018-07-14 05:53 - 000798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2018-08-15 20:45 - 2018-07-14 05:53 - 000728064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2018-08-15 20:45 - 2018-07-14 05:53 - 000713216 _____ (Microsoft Corporation) C:\WINDOWS\system32\BingOnlineServices.dll
2018-08-15 20:44 - 2018-08-03 09:33 - 000138752 _____ (Microsoft Corporation) C:\WINDOWS\system32\t2embed.dll
2018-08-15 20:44 - 2018-08-03 09:33 - 000098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontsub.dll
2018-08-15 20:44 - 2018-08-03 09:32 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\msiexec.exe
2018-08-15 20:44 - 2018-08-03 09:30 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\hlink.dll
2018-08-15 20:44 - 2018-08-03 09:29 - 000343552 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2018-08-15 20:44 - 2018-08-03 05:46 - 000086944 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmbus.sys
2018-08-15 20:44 - 2018-08-03 05:27 - 000186784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Ucx01000.sys
2018-08-15 20:44 - 2018-08-03 05:26 - 000026016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhv.sys
2018-08-15 20:44 - 2018-08-03 05:11 - 000008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vmgid.sys
2018-08-15 20:44 - 2018-08-03 05:10 - 000095232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WaaSAssessment.dll
2018-08-15 20:44 - 2018-08-03 05:10 - 000015872 _____ (Microsoft Corporation) C:\WINDOWS\system32\winshfhc.dll
2018-08-15 20:44 - 2018-08-03 05:09 - 001361408 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSPhotography.dll
2018-08-15 20:44 - 2018-08-03 05:08 - 000602112 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2018-08-15 20:44 - 2018-08-03 05:08 - 000331264 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2018-08-15 20:44 - 2018-08-03 05:08 - 000288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Search.ProtocolHandler.MAPI2.dll
2018-08-15 20:44 - 2018-08-03 05:07 - 000578560 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2018-08-15 20:44 - 2018-08-03 05:07 - 000236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\netbt.sys
2018-08-15 20:44 - 2018-08-03 05:07 - 000115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakradiag.dll
2018-08-15 20:44 - 2018-08-03 05:06 - 000619520 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcWebFilter.dll
2018-08-15 20:44 - 2018-08-03 05:06 - 000612864 _____ (Microsoft Corporation) C:\WINDOWS\system32\wbiosrvc.dll
2018-08-15 20:44 - 2018-08-03 05:06 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\msIso.dll
2018-08-15 20:44 - 2018-08-03 05:05 - 000735744 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2018-08-15 20:44 - 2018-08-03 05:04 - 000345088 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2018-08-15 20:44 - 2018-07-15 01:27 - 000078744 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2018-08-15 20:44 - 2018-07-15 01:16 - 000056832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProvSysprep.dll
2018-08-15 20:44 - 2018-07-15 01:14 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.XamlHost.dll
2018-08-15 20:44 - 2018-07-15 01:13 - 000775168 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2018-08-15 20:44 - 2018-07-15 01:13 - 000485376 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2018-08-15 20:44 - 2018-07-15 01:11 - 000080384 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2018-08-15 20:44 - 2018-07-14 06:35 - 000288664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pci.sys
2018-08-15 20:44 - 2018-07-14 06:21 - 000161208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\appid.sys
2018-08-15 20:44 - 2018-07-14 06:18 - 000258976 _____ (Microsoft Corporation) C:\WINDOWS\system32\moshostcore.dll
2018-08-15 20:44 - 2018-07-14 06:16 - 000306592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2018-08-15 20:44 - 2018-07-14 06:15 - 000525376 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2018-08-15 20:44 - 2018-07-14 05:58 - 000336384 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cldflt.sys
2018-08-15 20:44 - 2018-07-14 05:58 - 000200192 _____ (Microsoft Corporation) C:\WINDOWS\system32\provops.dll
2018-08-15 20:44 - 2018-07-14 05:58 - 000181760 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2018-08-15 20:44 - 2018-07-14 05:58 - 000172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enrollmentapi.dll
2018-08-15 20:44 - 2018-07-14 05:58 - 000094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\UserDataTimeUtil.dll
2018-08-15 20:44 - 2018-07-14 05:58 - 000011264 _____ (Microsoft Corporation) C:\WINDOWS\system32\EasPolicyManagerBrokerPS.dll
2018-08-15 20:44 - 2018-07-14 05:58 - 000002560 _____ (Microsoft Corporation) C:\WINDOWS\system32\tzres.dll
2018-08-15 20:44 - 2018-07-14 05:57 - 001295360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSVPXENC.dll
2018-08-15 20:44 - 2018-07-14 05:57 - 000292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\exfat.sys
2018-08-15 20:44 - 2018-07-14 05:57 - 000269312 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2018-08-15 20:44 - 2018-07-14 05:57 - 000262656 _____ (Microsoft Corporation) C:\WINDOWS\system32\NmaDirect.dll
2018-08-15 20:44 - 2018-07-14 05:57 - 000151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2018-08-15 20:44 - 2018-07-14 05:57 - 000109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\datamarketsvc.dll
2018-08-15 20:44 - 2018-07-14 05:57 - 000052224 _____ (Microsoft Corporation) C:\WINDOWS\system32\EASPolicyManagerBrokerHost.exe
2018-08-15 20:44 - 2018-07-14 05:56 - 001703936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Controls.dll
2018-08-15 20:44 - 2018-07-14 05:56 - 000392704 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapConfiguration.dll
2018-08-15 20:44 - 2018-07-14 05:56 - 000279040 _____ (Microsoft Corporation) C:\WINDOWS\system32\RasMediaManager.dll
2018-08-15 20:44 - 2018-07-14 05:56 - 000257536 _____ (Microsoft Corporation) C:\WINDOWS\system32\WiFiDisplay.dll
2018-08-15 20:44 - 2018-07-14 05:56 - 000192000 _____ (Microsoft Corporation) C:\WINDOWS\system32\PushToInstall.dll
2018-08-15 20:44 - 2018-07-14 05:56 - 000118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\raschap.dll
2018-08-15 20:44 - 2018-07-14 05:55 - 000830464 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmans.dll
2018-08-15 20:44 - 2018-07-14 05:55 - 000582144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2018-08-15 20:44 - 2018-07-14 05:55 - 000402432 _____ (Microsoft Corporation) C:\WINDOWS\system32\defragsvc.dll
2018-08-15 20:44 - 2018-07-14 05:55 - 000317440 _____ (Microsoft Corporation) C:\WINDOWS\system32\dhcpcore.dll
2018-08-15 20:44 - 2018-07-14 05:55 - 000205312 _____ (Microsoft Corporation) C:\WINDOWS\system32\OneCoreCommonProxyStub.dll
2018-08-15 20:44 - 2018-07-14 05:55 - 000185856 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2018-08-15 20:44 - 2018-07-14 05:54 - 000837632 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapsStore.dll
2018-08-15 20:44 - 2018-07-14 05:54 - 000603648 _____ (Microsoft Corporation) C:\WINDOWS\system32\PCPKsp.dll
2018-08-15 20:44 - 2018-07-14 05:54 - 000444416 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2018-08-15 20:44 - 2018-07-14 05:54 - 000367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuuhext.dll
2018-08-15 20:44 - 2018-07-14 05:54 - 000349696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2018-08-15 20:44 - 2018-07-14 05:53 - 000705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\MapControlCore.dll
2018-08-15 19:37 - 2018-08-15 19:37 - 000065845 _____ C:\Users\Kamilka\Downloads\[CzT]Lucifer_1_serie_TvRip_.torrent
2018-08-15 19:37 - 2018-08-15 19:37 - 000045493 _____ C:\Users\Kamilka\Downloads\[CzT]Lucifer_2_Serie_TvRip_720p_.torrent
2018-08-10 19:29 - 2018-08-10 19:29 - 000012068 _____ C:\Users\Kamilka\Downloads\[CzT]Matky_na_tahu_o_Vanocich_A_Bad_Moms_Christmas_2017_CZ_.torrent
2018-08-10 19:28 - 2018-08-10 19:28 - 000016150 _____ C:\Users\Kamilka\Downloads\[CzT]Nejvetsi_showman_The_Greatest_Showman_2017_CZ_.torrent
2018-08-10 19:27 - 2018-08-10 19:27 - 000013859 _____ C:\Users\Kamilka\Downloads\[CzT]Cesta_za_kralem_trollu_Askeladden_I_Dovregubbens_hall_2017_CZ_.torrent
2018-08-10 19:24 - 2018-08-10 19:24 - 000018531 _____ C:\Users\Kamilka\Downloads\[CzT]Ready_Player_One_Hra_zacina_Ready_Player_One_2018_CZ_.torrent
2018-08-10 19:22 - 2018-08-10 19:22 - 000014420 _____ C:\Users\Kamilka\Downloads\[CzT]Black_Panther_2018_CZ_.torrent
2018-08-10 19:17 - 2018-08-10 19:17 - 000016628 _____ C:\Users\Kamilka\Downloads\[CzT]Zmensovani_Downsizing_2017_CZ_.torrent

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-08 19:21 - 2018-05-30 22:00 - 000000000 ____D C:\FRST
2018-09-08 19:20 - 2018-04-11 22:36 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-09-08 18:54 - 2018-04-11 22:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-09-08 18:54 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-09-08 10:27 - 2018-04-11 22:31 - 000000000 ____D C:\WINDOWS\INF
2018-09-08 10:16 - 2014-09-18 20:17 - 000000000 ____D C:\ProgramData\Origin
2018-09-06 20:45 - 2018-04-11 22:25 - 000000000 ____D C:\WINDOWS\CbsTemp
2018-09-05 19:32 - 2012-02-27 22:22 - 000002532 _____ C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-31 14:25 - 2010-11-06 22:22 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\DAEMON Tools Lite
2018-08-31 13:24 - 2012-02-03 12:06 - 000000000 ____D C:\ProgramData\AlawarWrapper
2018-08-31 13:19 - 2014-09-18 20:24 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\Origin
2018-08-31 13:14 - 2014-09-18 20:23 - 000000000 ____D C:\Program Files\Origin
2018-08-31 13:12 - 2018-05-20 19:37 - 000000000 ____D C:\Users\Kamilka
2018-08-31 13:12 - 2014-09-18 20:24 - 000000000 ____D C:\Users\Kamilka\AppData\Local\Origin
2018-08-31 12:51 - 2018-05-20 19:32 - 001859002 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-08-31 12:51 - 2018-05-20 12:21 - 000760826 _____ C:\WINDOWS\system32\perfh005.dat
2018-08-31 12:51 - 2018-05-20 12:21 - 000161452 _____ C:\WINDOWS\system32\perfc005.dat
2018-08-31 12:48 - 2018-05-20 19:37 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\CyberLink DVD Suite
2018-08-31 12:45 - 2018-05-20 20:03 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-08-31 12:44 - 2018-04-11 14:45 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2018-08-31 12:25 - 2015-05-16 00:17 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\uTorrent
2018-08-30 13:29 - 2017-04-18 18:56 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\MPC-HC
2018-08-30 13:28 - 2010-06-14 00:39 - 000000000 ___HD C:\Program Files\InstallShield Installation Information
2018-08-30 13:28 - 2009-07-14 06:52 - 000000000 ____D C:\Program Files\Microsoft Games
2018-08-30 13:27 - 2015-09-10 06:16 - 000000000 __RHD C:\Users\Public\AccountPictures
2018-08-30 13:27 - 2010-11-21 11:55 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\Microsoft Games
2018-08-30 13:27 - 2010-11-21 11:55 - 000000000 ____D C:\ProgramData\Microsoft Games
2018-08-30 13:25 - 2010-11-07 12:23 - 000000000 ____D C:\Program Files\Electronic Arts
2018-08-19 19:47 - 2010-12-01 15:18 - 000000000 ____D C:\Users\Kamilka\AppData\Roaming\vlc
2018-08-19 16:32 - 2018-04-11 22:36 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-08-19 16:28 - 2017-11-27 12:04 - 000002511 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-08-19 16:28 - 2017-11-27 12:04 - 000002488 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-08-19 16:28 - 2017-11-27 12:04 - 000002483 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-08-19 16:28 - 2017-11-27 12:04 - 000002444 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-08-19 16:28 - 2017-11-27 12:04 - 000002409 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-08-19 16:28 - 2017-11-27 12:04 - 000002405 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-08-19 16:25 - 2017-11-27 11:51 - 000000000 ____D C:\Program Files\Microsoft Office
2018-08-17 22:43 - 2013-08-13 14:04 - 000000000 ____D C:\WINDOWS\system32\MRT
2018-08-17 22:37 - 2010-11-06 20:54 - 134276632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2018-08-16 20:53 - 2015-11-18 20:34 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2018-08-15 22:56 - 2018-01-10 16:02 - 000000000 ___RD C:\Users\Kamilka\3D Objects
2018-08-15 22:54 - 2018-05-20 19:26 - 000407104 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2018-08-15 22:51 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\zu-ZA
2018-08-15 22:51 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\yo-NG
2018-08-15 22:51 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\xh-ZA
2018-08-15 22:51 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\wo-SN
2018-08-15 22:51 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\uz-Latn-UZ
2018-08-15 22:51 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\tn-ZA
2018-08-15 22:51 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ti-ET
2018-08-15 22:51 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\tg-Cyrl-TJ
2018-08-15 22:51 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-RS
2018-08-15 22:51 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\sr-Cyrl-BA
2018-08-15 22:51 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\sd-Arab-PK
2018-08-15 22:51 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\rw-RW
2018-08-15 22:51 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\quc-Latn-GT
2018-08-15 22:51 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\pa-Arab-PK
2018-08-15 22:51 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\nso-ZA
2018-08-15 22:51 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ku-Arab-IQ
2018-08-15 22:51 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ig-NG
2018-08-15 22:51 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\chr-CHER-US
2018-08-15 22:51 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ha-Latn-NG
2018-08-15 22:51 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\ca-ES-valencia
2018-08-15 22:51 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\bs-Latn-BA
2018-08-15 22:51 - 2018-04-12 00:25 - 000000000 ____D C:\WINDOWS\system32\az-Latn-AZ
2018-08-15 22:51 - 2018-04-11 22:36 - 000000000 ___SD C:\WINDOWS\system32\UNP
2018-08-15 22:51 - 2018-04-11 22:36 - 000000000 ___SD C:\WINDOWS\system32\F12
2018-08-15 22:51 - 2018-04-11 22:36 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2018-08-15 22:51 - 2018-04-11 22:36 - 000000000 ___RD C:\WINDOWS\PrintDialog
2018-08-15 22:51 - 2018-04-11 22:36 - 000000000 ___RD C:\Program Files\Windows Defender
2018-08-15 22:51 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\TextInput
2018-08-15 22:51 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2018-08-15 22:51 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\ShellExperiences
2018-08-15 22:51 - 2018-04-11 22:36 - 000000000 ____D C:\WINDOWS\bcastdvr
2018-08-13 20:25 - 2018-05-20 19:37 - 000002433 _____ C:\Users\Kamilka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-08-13 20:25 - 2013-10-21 12:20 - 000000000 ___RD C:\Users\Kamilka\SkyDrive

==================== Files in the root of some directories =======

2014-09-13 12:48 - 2009-05-27 12:15 - 000393216 _____ () C:\Users\ArivaUpgrade\ArivaUpgrade.exe
2004-02-04 16:53 - 2004-02-04 16:53 - 000458752 _____ () C:\Program Files\Common Files\db.mdb
2004-02-04 15:54 - 2004-02-04 15:54 - 000000019 _____ () C:\Program Files\Common Files\General.txt
2004-02-04 16:53 - 2004-02-04 16:53 - 000458752 ____H () C:\Users\Kamilka\AppData\Roaming\db.mdb
2004-02-04 15:54 - 2004-02-04 15:54 - 000000019 ____H () C:\Users\Kamilka\AppData\Roaming\General.txt
2002-08-29 19:33 - 2002-08-29 19:33 - 000319488 ____R () C:\Users\Kamilka\AppData\Roaming\MafiaSetup.exe
2018-06-10 18:11 - 2018-06-10 18:11 - 000029696 _____ () C:\Users\Kamilka\AppData\Local\MSGBOX.EXE
2016-05-01 23:56 - 2016-05-01 23:56 - 000000017 _____ () C:\Users\Kamilka\AppData\Local\resmon.resmoncfg
2017-01-16 16:53 - 2016-11-23 15:37 - 000000570 _____ () C:\Users\Kamilka\AppData\Local\TroubleshooterConfig.json

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-20 19:26

==================== End of FRST.txt ============================

Zresetuj Chrome na predvolene nastavenia: Nastavenia -> Rozsirene -> Obnovenie povodnych predvolenych nastaveni (predposledna polozka uplne na konci) -> Resetovat nastavenia.

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  File: C:\Users\ArivaUpgrade\ArivaUpgrade.exe
  Folder: C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnknkgccldocdogpnhbaddbdhhjiindo
  2018-06-10 18:11 - 2018-06-10 18:11 - 000029696 _____ () C:\Users\Kamilka\AppData\Local\MSGBOX.EXE
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj

Fix result of Farbar Recovery Scan Tool (x86) Version: 23.08.2018
Ran by Kamilka (11-09-2018 18:03:00) Run:2
Running from C:\Users\Kamilka\Desktop
Loaded Profiles: Kamilka (Available Profiles: Kamilka & Mcx1-KAMILKA-PC & DefaultAppPool)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
CloseProcesses:
CreateRestorePoint:

PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
File: C:\Users\ArivaUpgrade\ArivaUpgrade.exe
Folder: C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnknkgccldocdogpnhbaddbdhhjiindo
2018-06-10 18:11 - 2018-06-10 18:11 - 000029696 _____ () C:\Users\Kamilka\AppData\Local\MSGBOX.EXE

Hosts:
EmptyTemp:
End
*****************

Processes closed successfully.
Restore point was successfully created.

========= Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum =========



Count : 13
Average :
Sum : 65243029
Maximum :
Minimum :
Property : Length




========= End of Powershell: =========


========================= File: C:\Users\ArivaUpgrade\ArivaUpgrade.exe ========================

C:\Users\ArivaUpgrade\ArivaUpgrade.exe
File not signed
MD5: 872D97DD1FCB9BA9A240DFB60377D124
Creation and modification date: 2014-09-13 12:48 - 2009-05-27 12:15
Size: 000393216
Attributes: ----A
Company Name:
Internal Name: ArivaUpgrade
Original Name: ArivaUpgrade.EXE
Product: ArivaUpgrade ????
Description: ArivaUpgrade Microsoft ???????
File Version: 1, 0, 0, 4
Product Version: 1, 0, 0, 4
Copyright: ???? (C) 2007
VirusTotal: https://www.virustotal.com/file/4fadc56 ... 531353917/

====== End of File: ======


========================= Folder: C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnknkgccldocdogpnhbaddbdhhjiindo ========================

2012-11-23 10:45 - 2012-11-23 10:45 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnknkgccldocdogpnhbaddbdhhjiindo\2012.11.23.23894_0
2012-11-23 10:45 - 2012-11-23 10:45 - 000000380 ____A [A3643EA8425795459C08B381BC1904A7] () C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnknkgccldocdogpnhbaddbdhhjiindo\2012.11.23.23894_0\manifest.json
2012-11-23 10:45 - 2012-11-23 10:45 - 000000000 ____D [00000000000000000000000000000000] () C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnknkgccldocdogpnhbaddbdhhjiindo\2012.11.23.23894_0\icons
2012-11-23 10:45 - 2012-11-23 10:45 - 000000224 ____A [C6F272C43C0CB8E8D26B44E6802DF446] () C:\Users\Kamilka\AppData\Local\Google\Chrome\User Data\Default\Extensions\dnknkgccldocdogpnhbaddbdhhjiindo\2012.11.23.23894_0\icons\16.png

====== End of Folder: ======

C:\Users\Kamilka\AppData\Local\MSGBOX.EXE => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 9199616 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 10655168 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 296076 B
Edge => 0 B
Chrome => 7279970 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 7168 B
LocalService => 908 B
NetworkService => 0 B
Kamilka => 248492 B
Mcx1-KAMILKA-PC => 0 B
DefaultAppPool => 0 B

RecycleBin => 0 B
EmptyTemp: => 26.4 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 18:06:33 ====

Vyzera to OK. Su este nejake problemy s PC?

nene vypada to, ze vsechno bezi jak ma moc diky

Tak este upraceme po pouzitych nastrojoch:

• Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/
• Uloz na plochu a spusti
• Nechaj oznacenu moznost "Remove disinfection tools"
• Klikni na "Run"

dobry mam to pak uz jen vymazu ten program a hotovo ze....moc moc diky a jeste jednou se omlouvam za ty silene dlouhy odezvy...mej se fajn

Nie je zaco

DelFix by mal zmazat aj sam seba, ak nahodou nie, tak kludne ho mozes zmazat rucne.